JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.155.151.138

85.155.151.138 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 100%: ?

100%

ISP	ARiSystems.org - Bologna (BO) IT
Usage Type	Data Center/Web Hosting/Transit
ASN	AS208328
Domain Name	arisystems.org
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.155.151.138

Whois 85.155.151.138

IP Abuse Reports for 85.155.151.138:

This IP address has been reported a total of 37 times from 22 distinct sources. 85.155.151.138 was first reported on June 27th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-28 22:00:26 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-28	Web App Attack SSH Hacking
🇷🇺 DZBOT	2026-06-28 16:05:36 (1 day ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇨🇦 ISPLtd	2026-06-28 15:48:36 (1 day ago)	85.155.151.138 - - [28/Jun/2026:12:48:35 -0300] "GET /.git/HEAD 85.155.151.138 - - [28/Jun/2026:12:4 ... show more 85.155.151.138 - - [28/Jun/2026:12:48:35 -0300] "GET /.git/HEAD 85.155.151.138 - - [28/Jun/2026:12:48:36 -0300] "GET /.git/config ... show less	Hacking Web App Attack
🇨🇭 YF	2026-06-28 15:05:31 (1 day ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 13:54:01 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:53:55.013086 2026] [security2:error] [pid 9344:tid 9344] [client 85.155.151.138:48512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cancersquared.com"] [uri "/.git/HEAD"] [unique_id "akEnc5xo1-lOXBx0C4C8_wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-28 13:41:04 (1 day ago)	Web vulnerability probing: /.env.development	Web App Attack
🇧🇾 lns.bz	2026-06-28 13:27:03 (1 day ago)	.env scanning [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 13:19:15 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:19:11.410219 2026] [security2:error] [pid 10711:tid 10711] [client 85.155.151.138:44240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caddydad.com"] [uri "/.git/HEAD"] [unique_id "akEfT6JSFVaWTHNqdaUv9AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 mgarofano80	2026-06-28 13:17:13 (1 day ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 12:48:37 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:48:32.116013 2026] [security2:error] [pid 20870:tid 20870] [client 85.155.151.138:35984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carlosmol.com"] [uri "/.git/HEAD"] [unique_id "akEYIG54lphutOyuZvIa1gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-06-28 11:36:41 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (IT/Italy/-): 5 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (IT/Italy/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 11:14:40 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:14:34.624738 2026] [security2:error] [pid 19636:tid 19636] [client 85.155.151.138:42734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canadagreenrecycling.com"] [uri "/.git/HEAD"] [unique_id "akECGojX5FvUq6RWBrF57gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 10:31:55 (1 day ago)	(caddyscan) Scanner path probe from 85.155.151.138 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 85.155.151.138 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.155.151.138 - - [28/Jun/2026:10:31:51 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 85.155.151.138 - - [28/Jun/2026:10:31:51 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 85.155.151.138 - - [28/Jun/2026:10:31:53 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 85.155.151.138 - - [28/Jun/2026:10:31:53 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 85.155.151.138 - - [28/Jun/2026:10:31:53 +0000] "GET /.env.development HTTP/1.1" show less	Port Scan
🇫🇷 masterguru	2026-06-28 10:13:04 (1 day ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:41:09 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.155.151.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:41:02.665723 2026] [security2:error] [pid 11201:tid 11201] [client 85.155.151.138:40870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cayman-islands-real-estate.com"] [uri "/.git/config"] [unique_id "akDeHqcswLwJfexlyABWHwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 216.226.76.10

🇺🇸 216.73.216.152

🇺🇸 209.204.30.18

🇺🇸 207.90.244.17

🇳🇱 203.55.131.4

🇸🇾 185.225.41.192

🇧🇷 179.189.196.75

🇧🇷 177.30.64.65

🇳🇱 176.65.139.215

🇧🇩 103.141.64.1

🇷🇺 93.178.115.95

🇺🇸 66.132.172.220

🇭🇰 46.247.61.84

🇧🇷 45.205.1.42

🇺🇸 20.169.107.45

🇨🇳 223.167.169.165

🇰🇷 222.110.147.56

🇨🇳 220.172.203.43

🇰🇷 218.149.228.159

🇧🇷 200.34.233.44